Another important principle in cybersecurity is keeping your software up to date. I think most people understand this, but I known there are people who choose to continually put off installing updates and others who probably just ignore them all together. There used to be a time when we were done using our computers, we powered them down, every day. Of course, that was before power settings allowed our systems to go into a low-power sleep or standby mode. Today, we rarely turn our systems off and it’s completely understandable that it becomes a major inconvenience to save all of your work (you should do that habitually, anyway), close all of your open programs and reboot your system for something like an operating system (OS) update. However, that’s all just part of the “care and feeding” that comes with owning a computer. The good news is that most modern software can be installed and updated without a reboot—with only major OS updates requiring one.
So, what are software updates? A key part of the software development lifecycle comes once new software has been released to the public for use—this is fixing identified errors, adding minor features, and most importantly, patching security vulnerabilities. All of these things are fixed with software updates, which are also called patches. Chances are that you’ve got a wi-fi router at home. Your router needs updates for its firmware too. Firmware is just software on small devices that don’t have a normal user interface, like routers, IoT devices, and things like that. Another form of update you may have to look out for is virus signature updates for your antivirus software. This helps keep it current against the latest malware. Some more good news is that most update checking, downloading, and installing can be completely automated now, if you choose to set it up. At a minimum, I recommend that you allow your system to check for updates, download them automatically, then notify you so you can choose when to reboot—just don’t wait too long.
One quick note, an upgrade is not the same thing as an update. Upgrades include the addition of major new features and capabilities. Perhaps a completely new user interface. Think of an update as going from version 1.0 to version 1.1 and an upgrade as going from version 1.1 to version 2.0. If your software is very old, an upgrade can be more important for security reasons than for user interface features.
So, why is this all such a big deal? Obviously the most important updates are security related fixes. Staying on top of these will help ensure your system is protected from being exploited by the bad guys. Or worse, that the bad guys get your personal information or sensitive username and passwords—think online banking. In general, it’s a good practice to install all updates just to be on the safe side and stay protected from potentially undiscovered vulnerabilities.